spec/fixtures/security-reports/master/gl-dependency-scanning-report.json


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

[
  {
    "priority": "Unknown",
    "file": "pom.xml",
    "cve": "CVE-2012-4386",
    "url": "http://struts.apache.org/docs/s2-010.html",
    "message": "CSRF protection bypass for org.apache.struts/struts2-core",
    "tools": [
      "gemnasium"
    ],
    "tool": "gemnasium"
  },
  {
    "priority": "Unknown",
    "file": "pom.xml",
    "cve": "CVE-2012-4387",
    "url": "http://struts.apache.org/docs/s2-011.html",
    "message": "Long parameter name DoS for org.apache.struts/struts2-core",
    "tools": [
      "gemnasium"
    ],
    "tool": "gemnasium"
  },
  {
    "priority": "Unknown",
    "file": "pom.xml",
    "cve": "CVE-2013-1966",
    "url": "http://struts.apache.org/docs/s2-014.html",
    "message": "Remote command execution due to flaw in the includeParams attribute of URL and Anchor tags for org.apache.struts/struts2-core",
    "tools": [
      "gemnasium"
    ],
    "tool": "gemnasium"
  }
]